Legal claims defining the scope of protection, as filed with the USPTO.
1. A method for providing a network gateway, comprising: receiving by the network gateway a session request for a session between a host and a server, the session request comprising a host network address and a server network address; establishing by the network gateway a host side session between the network gateway and the host, the network gateway comprising a plurality of processors; selecting by the network gateway a proxy network address for the host based on network information, the network information comprising the host network address and a network gateway network address, wherein the proxy network address is selected such that a calculated first processor identity by the network gateway is the same as a calculated second processor identity by the network gateway; establishing by the network gateway a server side session between the network gateway and the server using the selected proxy network address; in response to receiving a first data packet from the host side session, calculating by the network gateway the first processor identity, comprising: assigning a first processor with the first processor identity to process the first data packet, modifying the first data packet by substituting the host network address in the first data packet with the selected proxy network address, and sending the modified first data packet to the server side session; and in response to receiving a second data packet from the server side session, calculating by the network gateway the second processor identity, comprising: assigning a second processor with the second processor identity to process the second data packet.
2. The method of claim 1 , wherein the calculated first processor identity by the network gateway is based at least in part on the server network address and the host network address.
3. The method of claim 1 , wherein the calculated second processor identity by the network gateway is based at least in part on the proxy network address and the server network address.
4. The method of claim 1 , wherein the assigning the first processor with the first processor identity to process the first data packet comprises: processing the first data packet according to a security policy by the first processor.
5. The method of claim 4 , wherein the security policy comprises one or more of the following: intrusion detection; virus detection; traffic quota violation; and lawful data interception.
6. The method of claim 1 , wherein the assigning the second processor with the second processor identity to process the second data packet comprises: processing the second data packet according to a security policy by the second processor.
7. The method of claim 6 , wherein the security policy comprises one or more of the following: virus detection; traffic quota violation; lawful data interception; and phishing.
8. The method of claim 1 , wherein the selected proxy network address comprises an IP address.
9. The method of claim 8 , wherein the selected proxy network address further comprises a TCP or UDP port.
10. The method of claim 1 , wherein the calculated first processor identity by the network gateway is based at least in part on a computed sum of an IP address for the server network address and an IP address for the host network address.
11. The method of claim 1 , wherein the calculated second processor identity by the network gateway is based at least in part on a computed sum of an IP address for the proxy network address and an IP address for the server network address.
12. A computer program product comprising a non-transitory computer readable medium having a computer readable program, wherein the computer readable program when executed on a computer causes the computer to: receive a session request for a session between a host and a server, the session request comprising a host network address and a server network address; establish a host side session between a network gateway and the host, the network gateway comprising a plurality of processors; select a proxy network address for the host based on network information, the network information comprising the host network address and a network gateway network address, wherein the proxy network address is selected such that a calculated first processor identity by the network gateway is the same as a calculated second processor identity by the network gateway; establish a server side session between the network gateway and the server using the selected proxy network address; in response to receiving a first data packet from the host side session, calculate the first processor identity, comprising: assign a first processor with the first processor identity to process the first data packet, modify the first data packet by substituting the host network address in the first data packet with the selected network address, and send the modified first data packet to the server side session; and in response to receiving a second data packet from the server side session, calculate the second processor identity, comprising: assign a second processor with the second processor identity to process the second data packet.
13. The computer program product of claim 12 , wherein the calculate the first processor identity is based at least in part on the server network address and the host network address.
14. The computer program product of claim 12 , where in the calculate the second processor identity is based at least in part on the proxy network address and the server network address.
15. The computer program product of claim 12 , wherein the assign the first processor with the first processor identity to process the first data packet comprises: process the first data packet according to a security policy by the first processor.
16. The computer program product of claim 15 , wherein the security policy comprises one or more of the following: intrusion detection; virus detection; traffic quota violation; and lawful data interception.
17. The computer program product of claim 12 , wherein the assign the second processor with the second processor identity to process the second data packet comprises: process the second data packet according to a security policy by the second processor.
18. The computer program product of claim 17 , wherein the security policy comprises one or more of the following: virus detection; traffic quota violation; lawful data interception; and phishing.
19. The computer program product of claim 12 , wherein the selected proxy network address comprises an IP address.
20. The computer program product of claim 19 , wherein the selected proxy network address further comprises a TCP or UDP port.
21. The computer program product of claim 12 , wherein the calculated first processor identity is based at least in part on a computed sum of an IP address for the server network address and an IP address for the host network address.
22. The computer program product of claim 12 , wherein the calculated second processor identity is based at least in part on a computed sum of an IP address for the proxy network address and an IP address for the server network address.
Unknown
May 12, 2015
Browse 5M+ US patents with plain-English claim translations and AI-generated analysis.